Skip to main content

Statics Server

2 CVEs product

Monthly

CVE-2019-15596 npm HIGH POC This Week

A path traversal in statics-server exists in all version that allows an attacker to perform a path traversal when a symlink is used within the working directory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Statics Server
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2018-3771 npm MEDIUM POC This Month

An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Statics Server
NVD
CVSS 3.1
6.1
EPSS
0.9%
EPSS 2% CVSS 7.5
HIGH POC This Week

A path traversal in statics-server exists in all version that allows an attacker to perform a path traversal when a symlink is used within the working directory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Statics Server
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Statics Server
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy